Sierra Leone Police Force and other GOSL websites hacked
What in the world is going on? Who is responsible to administer, manage and maintain these websites? Do you know that your website has been hacked? If you do, why is it still live and not off-line while you are trying to fix the problem? Do you have the expertise to administer, manage, and maintain a government website? Does the Government of Sierra Leone, Ministries, Commissions, Secretariats and Institutions have an Internet policy that includes some basics about maintaining, administering and managing a website?
- The Sierra Leone Police
- Sierra Leone High Commission – Nigeria
- Ministry of Education Science and Technology
- National ICT Task Force
@The Sierra Leone Police Force
You are supposed to be the security experts. Security these days is not just off-line. It includes on-line as long as you have opted to have an on-line presence. Please take care of this issue as soon as possible. For some of us in the field, it is a shame to see the website of our Police Force being hacked while they sit and do nothing from my point of view. I may be wrong but the site has been hacked for a while now and I just could not wait any longer but to make it a public announcement.
@The Sierra Leone High Commission in Nigeria
What is going on here? Have you changed your website address? It seems like you have been hacked by some Chinese hackers. Please take a look at you site and if possible take it off-line as soon as possible. You don’t want potential tourists to stay away from Sierra Leone due to first impressions when they visit your website to find your location and obtain a visa.
@The Ministry of Education, Science and Technology
I don’t even know where to start with this one. Five months back this site was hacked and was being constantly reported in Google search. Instead of you repairing the site or at least developing a new one, you installed a default Joomla website with no information at the Ministry. Do you know what you are teaching our children? Is this the example you want to set? Does the Minister know about these issues? If so, what or who in the world is he waiting for? We deserve better in this day and age Mr/Ms Minister. There are tons of people out here who are waiting to get in touch with your ministry online but instead you presented them with a Joomla template installed by a pre-school kid. Please do something for Mama Sierra Leone. this is very shameful.
@The ICT Task Force
You are supposed to be the experts in doing this. You created the National ICT Policy. What are you waiting for to implement? Have you changed your website address or its just another hacker’s work? Mr. Vice President, this task force is attached to your office. If they are not doing their job, please fire them all and hire experts who know what to do. If you can do that, you might as well fire XXXX. Sierra Leone deserves better than this. Look at neighboring countries and other developing countries. Learn from examples.
What not to do
Don’t just repair the damaged files and hope that this experience doesn’t happen again. That is not enough. It will happen again, and again, and again.
Nobody is ever supposed to be able to add, delete, or change files in your website without your permission. It should never happen, and it usually doesn’t. Most websites don’t get hacked. If yours did, there is something wrong with it, or with the server, or with the hosting company, or with the security on your PC. You have to figure out how this happened so you can prevent it from happening again.
Ok, let’s get started… The check boxes don’t do anything. You can check them to help keep your place as you go.
General information on how to take care of the problem right away
Are you hesitant to take your site offline? Consider this: a visitor who finds your site down will hardly notice the incident and will (or at least might) come back later. A visitor who gets attacked by a virus from your site will develop a strong memory of the incident and probably not come back, ever. Worst, they will inform all of their friends about the bad experience.
In addition, it is possible that a script with a security hole was the reason the site got hacked. As long as that script is publicly accessible, the site remains vulnerable, which means it could get hacked again even while you’re trying to repair it.
Lastly, it is possible the attacker installed a backdoor script to let themselves back into the site. Closing the site at least has a chance of locking them out and making it impossible for them to use the backdoor, giving you time to find and delete it.
Stay with Sierra Express Media, for your trusted place in news!
© 2011, https:. All rights reserved.
NerdBot
/
This is a great site and your articles are very good. Please protect your wordpress login screen by using a subdirectory with a misleading name.
29th August 2011Someone with a malicious intention can invoke queries to generate a fake token and log into your site. We should start taking cyber security threat seriously in Sierra Leone.
NerdBot
/
Interesting article… I visited the links of the sites you posted and was very disappointed that all the sites are still hacked or incomplete.
29th August 2011Please take note that the following Sierra Leone websites are also not secure and can be easily hacked using SQL Injection. This should be brought to the notice of the Site Administrators.
http://www.visitsierraleone.org
http://www.statehouse.gov.sl/
http://www.sierraleonetourism.sl